LISTSERV - NCSG-DISCUSS Archives

NCSG-DISCUSS Archives

NCSG-Discuss

NCSG-DISCUSS@LISTSERV.SYR.EDU

	LISTSERV Archives
	NCSG-DISCUSS Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show HTML Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	10/2: Comments on WHOIS Data Protection Recommendation due
From:	[log in to unmask]
Reply To:	[log in to unmask]
Date:	Tue, 20 Sep 2005 14:38:12 EDT
Content-Type:	multipart/alternative
Parts/Attachments:	text/plain (5 kB) , text/html (6 kB)

Friends:
I am pleased to report that after 3 years of work, the WHOIS Task Force (TF)
finally has a recommendation we can support!   Now posted on both the
GNSO and ICANN homepages is a procedure (from the WHOIS TF to the
Council) that would allow Registrars to respect their own privacy laws and
protect personal data -- when threatened with prosecution under their
national/local privacy laws.  

This Recommendation is an important first step -- to allow ICANN to work with
Registrars who live in countries that protect and prosecute under their data 
protection laws.  If passed by GNSO Council and the ICANN Board, it will be 
the first time that ICANN has a mandate to create a set of exceptions to the 
Registrar contracts -- and the first time that ICANN officially recognizes that 
the personal data located in the WHOIS databases (including name, address, 
telephone and email) 
is protected and governed by national and local laws. 

Would you please take a moment to support this important recommendation?  
Short comments from your organization, or you as an individual, are welcome.
     PROCEEDING:  Combined WHOIS task force (1,2 & 3)
     Preliminary Report on a policy recommendation and advice on a
     procedure for handling conflicts between a registrar/registry's
     legal obligations under privacy laws and their contractual
     obligations to ICANN 
       **DEADLINE: Sunday, October 2, 2005, 5pm.** 
     LINKS:  www.icann.org or www.gnso.icann.org   click Public Comment Forum
     COMMENTS TO:   [log in to unmask]
     COMMENTS ARCHIVED AT:  
http://forum.icann.org/lists/gnso-whoisprivacy-cmts 

If you have any questions, feel free to contact me.  
Regards,
Kathy Kleiman (co-author of this Recommendation as one of NCUC's 
Representation to the Combined WHOIS TF)

p.s.  This Recommendation is an important first step.  Milton and I have told 
the TF that we must continue to work towards changes in the WHOIS database 
that protect the privacy of ALL registrants.  

Additional Background useful for preparing comments:
Published back in 2003, the original report of WHOIS Task Force 2 noted that
Registrars were receiving complaints for violations of privacy laws with the
collection and publication of personal data in the WHOIS database (mandated
by ICANN's Registrar Accreditation Agreement).  The TF2 report was strong in
its conclusions:
      "The Task Force believes that there is an ongoing risk of conflict
between a registrars' or registries' legal obligations under local privacy 
laws
and their contractual obligations to ICANN. Since the variety of the existing
local privacy laws does not allow for a one-size-fits-all solution, the 
registrars
and registries encountering such local difficulties should be allowed an
exception from the contractual WHOIS obligation for the part of the WHOIS
data in question by the local regulation, after proving the existence of such 
a
conflict with a law or regulation."

In this report, TF2 also published a Table of Registrars, their countries and 
the
data protection laws (overview) of the countries.  This Excel spreadsheet is
very interesting, and posted at the NCUC website www.ncdnhc.org under
"Summary of national laws affecting data privacy."

This year the Combined WHOIS TF moved forward with the work above and
created the Policy Recommendation  now under review.  It received unanimous 
support from all the Constituencies at the TF level!  Here is the text:

"I. Task Force Policy for WHOIS Conflicts with Privacy Law 
CONSENSUS POLICY RECOMMENDATION 
In order to facilitate reconciliation of any conflicts between
local/national mandatory privacy laws or regulations and applicable
provisions of the ICANN contract regarding the collection, display and
distribution of personal data via Whois, ICANN should: 
     Develop and publicly document a procedure for dealing with the
     situation in which a registrar or registry can credibly demonstrate
     that it is legally prevented by local/national privacy laws or
     regulations from fully complying with applicable provisions of
     its ICANN contract regarding the collection, display and
     distribution of personal data via WHOIS. 
     Create goals for the procedure which include: 

              Ensuring that ICANN staff is informed of a conflict at the
          earliest appropriate juncture; 
              Resolving the conflict, if possible, in a manner conducive to
          ICANN's Mission, applicable Core Values and the
          stability and uniformity of the Whois system; 
              Providing a mechanism for the recognition, if appropriate, in
          circumstances where the conflict cannot be otherwise
          resolved, of an exception to contractual obligations to
          those registries/registrars to which the specific conflict
          applies with regard to collection, display and distribution
          of personally identifiable data via Whois; and 
              Preserving sufficient flexibility for ICANN staff to respond to
          particular factual situations as they arise."
          
Detailed procedures for the handling conflicts with privacy law are set
out in Section II of the report (see links above).

ATOM RSS1 RSS2

LISTSERV.SYR.EDU